Full Version: Trojan Without Winsock
At the school I work at/attend, I've noticed that the admin has become slightly lazy with the latest image that he has created for the school. It is very secure when it comes to downloads and accessing the C:\ drive with explorer, but when I open up a command prompt, I can edit files and write them to the C:\ drive. So, what I'm looking for is a trojan that will not use mswinsock on both the client AND the server. I don't really want to use netcat, because most of the shortcuts that i've tried don't work. I was just wondering if there were a small, simple, C style trojan like netcat but started up when executed, not when given a command. I work with the admin, and I have shown him some interesting things before, but I think that this could be really interesting....
ok, did a little searching, and I found sub7. It seems that just as long as I have the .dll that it uses in the same folder, everything should work fine. I've masked it from antivirus, and it still works fairly well.
hmm, my school has the same 
can't access c:\ drive but open up a dos prompt is no problem
but ehm, don't you think the trojan will be blocked by a firewall orso?
and maybe incomming ip's are logged, so you might want to use a proxy
can't access c:\ drive but open up a dos prompt is no problem
but ehm, don't you think the trojan will be blocked by a firewall orso?
and maybe incomming ip's are logged, so you might want to use a proxy
lol, my school has the same, you can not access C:\ drive, I solved it by making a shortcut to C:\ on the desktop..
- What a lazy admin.....
- What a lazy admin.....
| QUOTE (LiquidSilver @ Jan 24 2004, 12:13 PM) |
| lol, my school has the same, you can not access C:\ drive, I solved it by making a shortcut to C:\ on the desktop.. - What a lazy admin..... |
i could fix it with a little html script
it listed all the available drives
(i found drives i never saw before )but don't have it anymore
mm... well i don't have problems at my school..
maybe it's becaurs i have admin rights
maybe it's becaurs i have admin rights
löl at my school you can leech the filez which we built over the network /net send is activated / and i am admin too because terminal services was activated with BLANK pass LÖL / but our teacher have busted my since i am always nuking his pc and shutdown the beamer ;D
| QUOTE (flashb4ck @ Jan 26 2004, 04:01 PM) |
| löl at my school you can leech the filez which we built over the network /net send is activated / and i am admin too because terminal services was activated with BLANK pass LÖL / but our teacher have busted my since i am always nuking his pc and shutdown the beamer ;D |
that's stupid if you got busted
If the trojan was coded in VB, which the ebst i remember sub7 was, you dont need winsock the winsockAPI will do just fine. also if you complie the server in VB5 instead of VB6 it removes the need for certin .dlls.
yeah ;D but they had contacted a network specialist who printed all my logs out ;D
At my school, we can access the C:\ on all PCs with the Network, but we can't access the teacher. Is there a way, so i could steall the exam?
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
